ICJ along with 155 civil society organizations and 26 independent experts worldwide call on states to implement an immediate moratorium on the sale, transfer and use of surveillance technology.
The ICJ welcomes the ruling by the European Court of Human Rights in the case of B.B.W. and others v. the United Kingdom, setting out important guarantees against mass surveillance online.
On 25 May, the Grand Chamber of the European Court of Human Rights issued its final ruling in this case in which the ICJ intervened. The case deals with the human rights implications of the system of intelligence mass surveillance of the United Kingdom, which was unveiled by the revelations of Edward Snowden.
âThe judgment sets out clear guarantees to be respected in order to carry out bulk interception of communicationsâ, said Massimo Frigo, Senior Legal Adviser for the ICJ Europe and Central Asia Programme, âit is a first important step towards ensuring that protection of human rights is as effective online as it is offline. All Member States of the Council of Europe must now ensure that their surveillance systems respect these minimal guarantees.â
In its judgment, the Court recognised the difference between surveillance of individual communications and bulk interception of communications with the use of metadata and introduces a set of procedural guarantees to be respected at initial, intermediary and final stages of bulk data surveillance.
The Court found that these guarantees also apply when a State receives  intelligence based on bulk interception carried out by foreign States.
The judgment, however, does not fully address the implications for human rights of Statesâ participation in close transnational surveillance cooperation such as the system of the âFive Eyesâ including the UK, USA, Canada, Australia and New Zealand.
âThese transnational surveillance systems entail a higher level of responsibility by States under international human rights law in light of the high risk of bypassing national remediesâ, said Massimo Frigo, âWe hope the Court will be able to address these important issues in the future to strengthen the protection of human rights online in Europe.â
Contact:
Massimo Frigo, ICJ Senior Legal Adviser, t: +41797499949, e: massimo.frigo(a)icj.org
The Myanmar military should immediately abandon the draft Cyber Security Law and end Internet restrictions it has imposed since taking power in a coup on 1 February, said ARTICLE 19, Open Net Association, and the ICJ today.
âIt is telling that controlling cyberspace is one of the top priorities of the Myanmar military, which seized power through an illegitimate coup dâetat only last week,â said Sam Zarifi, ICJâs Secretary General. âThe military is used to having total power in Myanmar, but this time they have to face a population that has access to information and can communicate internally and externally.â
Under international law, the rights to freedom of expression and information may only be restricted if prescribed by law, in pursuit of a legitimate aim, and necessary and proportionate to that aim. This right applies equally online. In 2018, the UN Human Rights Council condemned âall undue restrictions on freedom of opinion and expression online that violate international lawâ.
âHaving illegally seized control of government, the military is trying to ram through a hugely problematic law that would imperil the Myanmar publicâs ability to share and access information online,â said Matthew Bugher, ARTICLE 19âs Head of Asia Programme. âThe draft law is further evidence of the militaryâs intent to control online discourse and permanently undermine Internet freedom in the country.â
Human rights bodies and experts have repeatedly condemned Internet shutdowns, which are inherently unnecessary and disproportionate irrespective of their purported objectives. Four UN special procedures with mandates from the Human Rights Council stated in their 2011Â Joint Declaration on Freedom of Expression and the Internet that, âCutting off access to the Internet, or parts of the Internet, for whole populations or segments of the public (shutting down the Internet) can never be justified, including on public order or national security groundsâ. The UN Human Rights Council has repeatedly called on Myanmar to lift Internet restrictions in the country.
Anonymity is furthermore crucial to protecting the right to freedom of expression and other human rights, including the right to privacy. UN Human Rights Council Resolution 38/7 recognizes that âprivacy online is important for the realization of the right to freedom of expression and to hold opinions without interference, and the right to freedom of peaceful assembly and associationâ. The UN Special Rapporteur on freedom of expression in a 2015 report stated that restrictions on encryption must confirm to the three-part test on restrictions to the freedom of expression noted above.
âThe ban on online anonymity in the cybersecurity law is not just bad for Myanmar but sets a dangerous precedent for the whole of Asiaâ, said Kyung Sin Park, Executive Director of Open Net Association, whose founders spearheaded a successful constitutional challenge against a similar law in South Korea in 2012. âThe content takedown provisions and criminalization of online speech in the draft law are extremely broad and utterly lacking due process even in comparison to other Asian countries. The proposal smacks of a legislative attempt to extend the powers the military had taken in an unlawful, anti-democratic coup.â
ISPs, online service providers (as defined by the draft law to mean content providers) and other stakeholders have only been given until 15 February for input. This is a clear indication that the military has no intention of engaging in meaningful consultation.
On 10 February, a group of 158 Myanmar civil society organizations released a statement rejecting the draft Cyber Security Law, while reiterating their view that the Myanmar military could not legitimately exercise legislative authority.
âAll online service providers inside and outside the country should be alarmed at this intrusion of military authority into cyberspace and refuse to implement these hugely problematic restrictions,â said ICJâs Sam Zarifi.
SPECIFIC PROBLEMATIC PROVISIONS OF THE DRAFT CYBERSECURITY LAW (based on an unofficial translation of the draft law):
Many provisions in the draft law are vague and overbroad, in contravention of the principle of legality. If enacted, the draft law would greatly extend the powers of military authorities to restrict and punish online expression.
The law provides overarching control to the militaryâs âState Administration Councilâ, a newly-formed body appointed by the Commander-in-Chief. The direct military control of Internet service provision and its role in the policing of content online is in and of itself cause for alarm. Further, the military should in no circumstances be charged with protecting personal data.
Section 29 of the draft law is overly broad as it demands the prevention, removal, destruction and cessation of a broad and vaguely defined range of expression, including online comments deemed âmisinformationâ or âdisinformationâ, any expression that causes hate and risks disrupting unity, stability, and peace, and âwritten and verbal statements against any existing lawâ.
Under section 64, any person convicted of creating âmisinformationâ and âdisinformationâ with the intent of causing public panic, loss of trust or social division in cyberspace is punishable by three yearsâ imprisonment, a fine, or both.
International human rights bodies have repeatedly urged governments against laws that create âfalse newsâ offences, warning about their potential abuse by governments to suppress criticism and other forms of speech protected by international human rights law.
Section 30 threatens the right to online anonymity by requiring online service providers to retain usernames, IP addresses, national IDs, and other personal data for up to three years, and to provide this information to authorities upon request. For this purpose, Section 28 requires an online service provider to ensure that any device that stores the userâs information must be kept in a place designated by the relevant Ministry.
The draft law also has overly broad catch-all provisions in Sections 61 and 73 respectively whereby online service providers that fail to comply with any provisions of the draft law face a maximum penalty of three yearsâ imprisonment and a fine and individuals failing to comply with any rules, regulations, notifications, orders, directives, and procedures issued under the draft law are subject to one yearâs imprisonment and a fine. These sanctions which are punitive in purpose and effective are non-compliant with the requirement of proportionality under international human rights law and standards on freedom of expression.
The draft law also provides for enhanced power to control the Internet without the benefit of judicial review by independent civilian courts. In the âpublic interestâ, a ministry approved by the State Administration Council may temporarily prohibit any online service or take control of devices related to online service provision, as well as permanently ban any online service provider. This is a less stringent standard than that provided under the problematic and much-criticized section 77 of the Telecommunications Act, which allows for shut downs or control of telecommunications in an âemergency situationâ.
Download
Statement in Burmese.
Contact
Osama Motiwala, ICJ Asia-Pacific Communications Officer, e: osama.motiwala(a)icj.org
Tanzania: Authorities must ensure justice for trial observers subjected to arbitrary detention and torture
EU: Ending child immigration detention through UN Treaty Bodies and the European Committee of Social Rights
Thailand: New law protecting SLAPPs marks progress but much more is needed